General Data Protection Regulation Privacy Policy 2018 (Issue 2.0)

Knight And Day Security Systems Ltd, we take your privacy and the processing of your personal data very seriously. Therefore, we have prepared this Privacy Notice where we describe our contact details, information regarding what personal data we process and what rights you have towards us and how you may defend them. Please feel free to contact our customer support if you have any questions about our processing of personal data or this Privacy Notice.

“Personal data” is any information relating to an identifiable or identified person (you as a user). An identifiable person is someone who can be identified, directly or indirectly, for example by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.

Personal data which we handle

Your personal data may only be processed by us with your given consent, when it is necessary for the performance of a contract to which you are a party, or when it is necessary for our compliance with a legal obligation. The processing of the personal data, the specific purposes for the processing, the legal basis for the processing, and for how long we store your personal data, is described below.

Please note that your personal data will be stored for the length of the contract and will be automatically deleted after four years of contract expiration or termination. For customer quotations your data is retained for 12 months and then deleted if an order is not undertaken.

Name

Your name or company name is collected and processed when you are starting a contract with us. This is necessary for our performance of a contract where you are a party. In case your alarm system or your chosen plan requires a connection to an alarm monitoring centre or mobile app your name or company name together with your customer account number will be shared with third party services such as an alarm monitoring centre company, the Police and app provider. This may also include our regulatory body the SSAIB (Security Systems Alarm Inspection Board.)

Email address

For login purposes and to send payment requests or update keyholder contact details, your email address will be collected by us when you register on our service. Our processing is based on contract requirements and your email address will be kept by us for the length of the contract and four years after its expiration or termination. We may share your email address with an alarm monitoring centre company and the police if your alarm system requires a connection to those services.

Phone number

To contact you to book a service visit or inform you if your alarm has activated it is necessary for us to collect your phone number when you are starting a contract with us. It also may be used to contact you regarding any payment issues with your account. In case your alarm system is connected to an alarm monitoring centre or mobile app your phone number may be shared with those third party services. Also we reserve the right to share your phone number with the police and emergency services, where applicable.

Address details

Your address details will be processed and stored securely with us for as long as you are in a contract and four years after its expiration or termination. The processing of your address details is necessary for our performance of a contract where you are a party. It will be used to send invoices and send the keyholders to the premises, if your alarm is activated. Our users’ address details may be shared with third party services such as an alarm monitoring centre company or mobile app provider in case users’ alarm system requires a connection to such services. We also may share your address details with the police if it is required.

Payment details

In order to make payments for our services we will process your payment details. It will be processed through Worldpay as we use it as our payment processing company and your payment details will be shared only with this third party service. We do not store any payment details in our system.

Summary of your rights towards us:

You as a user have the possibility to claim several rights towards us. Such rights are listed here and thereafter described in detail below. You find our contact details at the top of this Privacy Notice.

* Right to be forgotten

* Right to withdraw consent

* Right to access

* Right to rectification

* Right to restriction of processing

* Right to data portability

* Right to object

* Right to lodge a complaint with a supervisory authority

Right to be forgotten

You have the right to request that we delete any personal data that we process about you. We will delete the data as soon as possible, but at least within one month. If the personal data is needed for fulfillment of our contractual duties towards you or to preserve it with legal ground, we will however not delete the information until the data is no longer needed. We will also, without your explicit demand, delete such personal data that we have collected but do not longer have a lawful right to process. We will inform you about this, if it does occur

Right to withdraw consent

You have the right to withdraw your given consent at any time. If you do so, we will erase such personal data which is not subject to any other legal ground than your given consent. The erasure will be done as soon as possible. Please note that your withdrawal of consent does not oblige us to erase personal data which is processed based on a contractual relationship or any other legal ground.

Right of access

You have, at any time, the right to receive confirmation from us as to whether personal data concerning you are being processed. You have also the right to access that personal data and to receive the following information:

a) The purposes of the processing

b) The categories of personal data concerned

c) The recipients or categories of recipients to whom personal data have been or will be disclosed

d) The envisaged period for which the personal data will be stored or the criteria used to determine that period

e) The existence of automated decision-making and profiling

Right to rectification

You have, at any time, the right to demand us to correct any inaccurate personal data within a month. You have also the right to complete incomplete personal data, taking into account our purposes of the processing, by the means of providing a supplementary statement.

Right to restriction of processing

You have, instead of demanding us to delete any data, the right to demand us to restrict our processing of your personal data. This may be achieved if

a) You have reason to believe that the accuracy of the personal data is not correct, and the restriction shall be in place during a period that allows us to verify the accuracy of the personal data

b) The processing is unlawful but you don’t want us to delete the personal data

c) We no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims

d) You have objected to processing concerning profiling or automated decision-making, whereby a restriction shall be obtained during the period when we assess whether our legitimate ground for the processing override your legitimate ground.

Data portability

You have the right to retrieve the personal data which we process about you and that you have provided to us. You have also the right to demand that we transmit such personal data to another data controller if the personal data is collected based on your consent or if the processing of the personal data is carried out by automated means by us, if we deem it technically feasible.

Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you. This can be done when the personal data is processed as part of automated decision-making, including profiling, and direct marketing, if such processing would be carried out (see “Personal data that we process” above).

Right to lodge a complaint with a supervisory authority

You have, at any time, the right to lodge a complaint with a supervisory authority regarding our processing of your personal data. Regardless of where we carry out our business, even if it would not be in the member state which is your country of residence, you have the right to lodge your complaint to your national supervisory authority.

Please follow to the link below to find the contact details to your national supervisory authority:

With regard to the General Data Protection Regulation (EU) 2016/679 (“GDPR”), we must disclose what personal data we collect and process about you, and for what purposes. In this Privacy Notice, you find all such information that we are obliged to inform you.